Submitted URL: https://tbalrt7.com/UUF190z
Effective URL: https://tbalerts.com/tbgr/?camp=G-1388
Submission: On September 15 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3033::ac43:8f4f, located in United States and belongs to CLOUDFLARENET, US. The main domain is tbalerts.com.
TLS certificate: Issued by E1 on July 21st 2022. Valid for: 3 months.
This is the only time tbalerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
15 tbalerts.com | tbalerts.com | 645 KB
2 gstatic.com | fonts.gstatic.com | 31 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 120; maps.googleapis.com — Cisco Umbrella Rank: 646 | 2 KB
1 google.com | maps.google.com — Cisco Umbrella Rank: 2967 | 53 KB
1 tbalrt7.com | tbalrt7.com | 764 B
20 5

Domain | Requested by
15 tbalerts.com | tbalerts.com
2 fonts.gstatic.com | fonts.googleapis.com
1 maps.googleapis.com | maps.google.com
1 fonts.googleapis.com | tbalerts.com
1 maps.google.com | tbalerts.com
1 tbalrt7.com | 1 redirects
20 6

This site contains links to these domains.

Domain
eridal-walting.icu
Subject | Issuer | Validity | Valid
*.tbalerts.com | E1 | 2022-07-21 - 2022-10-19 | 3 months
*.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months

This page contains 1 frames:

Primary Page: https://tbalerts.com/tbgr/?camp=G-1388
Frame ID: 64310F0B8C655B4BE551A525245E6C68
Requests: 20 HTTP requests in this frame

Page URL History

  1. https://tbalrt7.com/UUF190z HTTP 302
    https://tbalerts.com/tbgr/?camp=G-1388 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 20
  • HTTPS: 100 %
  • IPv6: 100 %
  • Domains: 5
  • Subdomains: 6
  • IPs: 5
  • Countries: 2
  • Transfer: 731 kB
  • Size: 1724 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tbalrt7.com/UUF190z HTTP 302
    https://tbalerts.com/tbgr/?camp=G-1388 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tbalerts.com/tbgr/
Redirect Chain
  • https://tbalrt7.com/UUF190z
  • https://tbalerts.com/tbgr/?camp=G-1388
5 KB
2 KB
Document
General
Full URL
https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
f0d15467bd7064e101fe6e710e0b8299d0f9ca9b22148aac6f9c469079736ced

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74ad8cbadecdbbb5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 01:22:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jzh0oDPj7OCfXvqgzI0RCajLpYdrMmdgCmSy8%2FIH3QEj0x79Nq5R3Rt752ul3P5klo9ABSv12BKnulhqMWDwhBHdxfH2LtLCJyZiDB1kzJFAcpSwjva5RGHdccD%2Bg8onGCf%2BCSqZ93FOhTY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.30

Redirect headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
access-control-allow-methods
GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74ad8cb5cdfe906a-FRA
content-type
text/html; charset=utf-8
date
Thu, 15 Sep 2022 01:22:09 GMT
location
https://tbalerts.com/tbgr/?camp=G-1388
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCqtt6iWrWekE0%2Bc07Lrn6%2BHlXL0yQQHcP1GwH0lesSNKhbvg3T9t16voNSEIZijJsJobCt7ut0M%2BtBM%2FnaFAZaNycCgUpvxzvFt3dTC7UgEuWUUL%2BOAtc1NgZVKv80i%2F5mrlDO36CtawQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1663204931
x-xss-protection
1; mode=block
modernmag-assets.min.css
tbalerts.com/css/
217 KB
41 KB
Stylesheet
General
Full URL
https://tbalerts.com/css/modernmag-assets.min.css
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5e23519152b84699ba826a321f8d387c836ddd3ac8219b050f76e7349d3813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:08 GMT
server
cloudflare
etag
W/"85403-3656d-5d5759f8a188e-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NihFxur9zqgVEhissg6XTXRG%2FjRvimg%2BVxhrT1q%2FB%2B7KkA4MMXWZDpENkc6%2BU2ZLJOMh2Wk0NAL3%2Bs6DlMnF6CECVkJceggl84dl3DHVAa6dbOuKZUYdVg8y%2FdR2f2%2Bs4omN0zQhSsYgVR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbeb9b3bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
tbalerts.com/css/
81 KB
13 KB
Stylesheet
General
Full URL
https://tbalerts.com/css/style.css
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a05a92f5b7e4bccd66cf4ff00856fff1f333d1058ed6921396c8f57c005a5c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:08 GMT
server
cloudflare
etag
W/"85406-14529-5d5759f8a1c76-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP7qKqiM5Do3zs0pTK9%2ByIDWjTX%2Fv%2FmntlVIBeDTBdj6vUPYOywlCqS4CybPa8wrE754EYFuhor51BF3qbqKrCUZfXhieimm9ducPbtE%2BoapYHuAME%2Fl824bS%2FPy9Cr59r17PQhX9ni5L0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbeb9b5bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
overrides.css
tbalerts.com/css/
1 KB
676 B
Stylesheet
General
Full URL
https://tbalerts.com/css/overrides.css?v=1663204930
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f4805d78315890a8d36e4c6c4b1e78b062dcb4fa24501308893a848dd27347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 May 2022 15:05:14 GMT
server
cloudflare
etag
W/"84d30-450-5dfd766824716-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5eTrSr75FXggfppNWhs%2B%2FvqECqgOCxIW6utx8twxqftsYaWDIdwgZWPlf%2BWBRgwLUoS5dj5rdYRYUWtblKkE8DcPUGKYBa8USolQviGUY%2FlHVPfNqeeCWFQy50EAmvzCHjiCI60%2FE1YVOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbeb9b6bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.svg
tbalerts.com/images/
7 KB
2 KB
Image
General
Full URL
https://tbalerts.com/images/logo.svg
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bb3a327c1ff1e973704b621ea5972cd758c2f5a8064b3f6c4c8d63235f038c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:08 GMT
server
cloudflare
etag
W/"85472-1a65-5d5759f8fe4f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6su8sxZAmLkpil%2BFy0SNPIDLOfMtk%2F%2BtRZNTh%2FWaCnWEA1NrR1sSVw2sVrrJi7VAJq05yulP%2BQbc4YgCDAwcQY%2FLf%2FH01s8eJKeLOx81M9DxEw7yE0GYlY5yS0vmhHjKP4pJ%2Bg05XdOrOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbed9cabbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo-red.png
tbalerts.com/images/
12 KB
13 KB
Image
General
Full URL
https://tbalerts.com/images/logo-red.png
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b1b71d8d3620f78fb183c95cbbb58410c8e95f9e1479baf40f6d2874076568

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:11 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Jan 2022 13:41:20 GMT
server
cloudflare
etag
"85404-3148-5d67c5b5ad935"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snU67waXhohCEla9DMzR4mpzPh%2FXL4Yso2QQDMZD0gQGVV5m5JUOQkqbxh3WITypaglPUHhKRvO2EFbfz%2FeZZgWqR1hs5N9ToQ2s%2BI6%2BBqgcYodsFxm4lG7Rqf2ubtwPe6jmuM6F9SU4PtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ad8cbed9ccbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12616
Ads_03tba.jpg
tbalerts.com/images_SOP/
238 KB
239 KB
Image
General
Full URL
https://tbalerts.com/images_SOP/Ads_03tba.jpg
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6c844d02c4efb2c147de6a7c76acc74132192cd5f918301a2db77bac12838bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:11 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Mar 2022 22:10:43 GMT
server
cloudflare
etag
"84e8c-3b96e-5da856af98bec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTfs%2F1Jo8%2BFFPiZnrW1YxDvCA7MCxuelu7Nx%2BnReg4qy7QFEvVGDeWMO%2FGuDURU89UyGK2fqkVWhZzv5OlGMvop%2FO7u%2FyZXhvCwaW9etFRiWav8w1dymHIwa72%2Fe3%2FwyKs11lXwHSGrDtWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ad8cbed9cdbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
244078
logo-red.svg
tbalerts.com/images/
9 KB
2 KB
Image
General
Full URL
https://tbalerts.com/images/logo-red.svg
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5ef9f5f102ed16bfc403e3a6ff1d9a8f75851a38188ed9c14a9d6326f850c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:08 GMT
server
cloudflare
etag
W/"85470-22f3-5d5759f8fe4f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fd4tbTXeSg1V635lEl6EDOhItBPsGrJ%2Fx0WZ7e18I2%2FUTuGENXwTNc4vzpX3bM%2BvfHUM5dSTj%2FjXD%2FHZEjCmkp2z3LesWX3dlc26ahBeDxsHwJQo2UW3R4bT3HhnqbbrnVw8N0LBPvFphPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbed9cebbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.12.4.js
tbalerts.com/include-offer/js/
287 KB
87 KB
Script
General
Full URL
https://tbalerts.com/include-offer/js/jquery-1.12.4.js
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:09 GMT
server
cloudflare
etag
W/"103370-47a36-5d5759f9ba4db-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Af0%2F5DDtieW7Cfv%2F9xn%2FkY0jCq7hHTeE15IQE5kD3aFzWWkHCCNMcf5K8Ex3J9HkV33ugtn4gwlVgfTqJ%2BRvRP2Kc%2BkFihcdtUXRSzgzFIvbgKO4N%2BBfvRrts0mTC7es8pU%2F82yvXHrMXqA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbed9c3bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
modernmag-plugins.min.js
tbalerts.com/js/
426 KB
124 KB
Script
General
Full URL
https://tbalerts.com/js/modernmag-plugins.min.js
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030154b28eaa858c9adde0b2a71f38f28632e4dc83595b986fd713a5547d5313

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:09 GMT
server
cloudflare
etag
W/"184cad-6a865-5d5759fa1c735-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05L3qyRTM8TNjZP3VXsqgazyx7m6MKCD10E19jt61KXEPSHFI5PYnq6aw9Oreev52Ak042uvlo%2Fv2DoGoFbqrSnnUh858MAtMpjvp3XOz2VXYaIeEK5lAXC4GgUflvgW%2FCPqjR8QUHY0r2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbed9c4bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
popper.js
tbalerts.com/js/
79 KB
22 KB
Script
General
Full URL
https://tbalerts.com/js/popper.js
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f6d8126314e0704ac6d93a1d4be02d00baeb162e006de569bc9a8d686d0b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:09 GMT
server
cloudflare
etag
W/"184cae-13cca-5d5759fa1c735-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOThIxhOTNVQWIACT4QsVJ3QjN6WNeIujznt28li3OnHlJSS5nNKtlJfOwyW50ZGX%2BbGjOzMDCYHgeawUFVEZ45lemSkZflvx%2BT%2F0Gm7%2Bc%2F5bRNWCOu2V0rFyAoscg%2BZamcXw5wPluODjcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbed9c5bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.js
tbalerts.com/js/
49 KB
14 KB
Script
General
Full URL
https://tbalerts.com/js/bootstrap.min.js
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:09 GMT
server
cloudflare
etag
W/"184ca2-c584-5d5759fa1bf65-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdRiDjqjf3VZSs7ihUlvkZ5zj%2F6OKJYBcxiOZodnUMG75VZ5iaSqrGW4jOY74mIu75cjRGk9HsSiCtVimIccHQL%2BkM0mN3i0kDCMWYu6XqTgLF1%2FWjumZRHekQsopV6j1TWwfCAXJ%2FckD5o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbed9c6bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
maps.google.com/maps/api/
161 KB
53 KB
Script
General
Full URL
https://maps.google.com/maps/api/js?key=AIzaSyCiqrIen8rWQrvJsu-7f4rOta0fmI5r2SI&sensor=false&language=en
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
68554e07a7a70644ad1061f31c15d13ae6f3ad832aa8b4f5ec3861215531ecfa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:10 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=23
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54013
x-xss-protection
0
expires
Thu, 15 Sep 2022 01:52:10 GMT
gmap3.min.js
tbalerts.com/js/
31 KB
8 KB
Script
General
Full URL
https://tbalerts.com/js/gmap3.min.js
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad90825cea3d3dce4b51346c1434df3f065abd3cf16df0aa37e696f608824bca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:09 GMT
server
cloudflare
etag
W/"184ca7-7a70-5d5759fa1bf65-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z59Fd0f%2BTn5edrho4e9ukHoJRYmr2KuGzbG2AMZPoAdJUCNLoE%2FfnuObMh8i6fN7JieNuOZpJ%2FI5TTTjIHOL82q7DyzTK7hGyMTQLtyKs5mRzPm7jIPAle5s8Jr17GrlNSGyEgQQGbntgIU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbed9c7bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
script.js
tbalerts.com/js/
6 KB
2 KB
Script
General
Full URL
https://tbalerts.com/js/script.js
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/tbgr/?camp=G-1388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06749e4c90fe9dcb07ceda1a0c7ea742c938bc3810f535e3588a0d3173e79083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/tbgr/?camp=G-1388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:09 GMT
server
cloudflare
etag
W/"184cb0-1746-5d5759fa1cb1d-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gowDgh5b7xDoIOzq5WFtEME%2Bz3K6aRXZA5%2BqjryegRUzcNHw9IEuM%2FwFPLNFLVdR%2FCqj2Uo6TbrSRu5RL0MKTzFTt%2Bgo4lvatHyS1eTHzA44dLj5pxpqh0KtcCAGL9CLwQ4fPKLSKsJJbq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ad8cbed9c9bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35b9a6a5259fdf79379ae383c5f32d9b86c6b631883682bf357d06cc9456dc14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 01:20:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 01:22:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 01:22:11 GMT
fontawesome-webfont.woff2
tbalerts.com/css/fonts/
75 KB
76 KB
Font
General
Full URL
https://tbalerts.com/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: tbalerts.com
URL: https://tbalerts.com/css/modernmag-assets.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://tbalerts.com/css/modernmag-assets.min.css
Origin
https://tbalerts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:12 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 12:14:08 GMT
server
cloudflare
etag
"85402-12d68-5d5759f8a14a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3ZjhvuLj%2Fwtuhd7YKRs6ZTPK%2Bq63pOj77K4WVFZVuezzGpTcVsteRQzMKr%2BbSns%2Bxau6XzoeyFO5h0NXRnAGoLNCaAQCebZIXQIjkQsWWMYtnowNNVvchL%2BKLqZIgkBwNb6%2FTZvKm4gfCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ad8cc4d9ad9b6a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tbalerts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 19:04:27 GMT
x-content-type-options
nosniff
age
281864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 19:04:27 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tbalerts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 22:18:51 GMT
x-content-type-options
nosniff
age
97400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:18:51 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
447 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCiqrIen8rWQrvJsu-7f4rOta0fmI5r2SI&sensor=false&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbalerts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tbalerts.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • function| $
  • function| jQuery
  • function| testTheiaStickySidebars
  • object| eventie
  • function| docReady
  • function| EventEmitter
  • function| getStyleProperty
  • function| getSize
  • function| matchesSelector
  • function| Outlayer
  • function| Isotope
  • function| Masonry
  • function| Retina
  • function| RetinaImagePath
  • function| RetinaImage
  • function| Popper
  • object| bootstrap
  • object| google
  • object| module$exports$mapsapi$util$event
  • object| module$contents$mapsapi$overlay$overlayView_OverlayView
  • object| winDow
  • object| $container
  • object| $filter

0 Cookies

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains and hashes. Their presence here does not imply that any of them indicate malicious activity.
